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Application No. 

09/337,964 



Examiner 
Benjamin E Lanier 



Applicant(s) 

VANDERGEEST, RONALD J. 



Art Unit 
2132 



- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

• Extensions of time may be available under the provisions of 37 CFR 1 .1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 704(b). 

Status 

1 )□ Responsive to communication(s) filed on . 

2a)S This action is FINAL. 2b)D This action is non-final. 

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
Disposition of Claims 

4) ^ Claim(s) 1-48 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) S Claim(s) 1-6.8. 10-18,20-29,31-38 and 40-48 is/are rejected. 

7) S Claim(s) 7.9,19.30 and 39 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

£))□ The specification is objected to by the Examiner. 

10)^ The drawing(s) filed on 22 June 1999 is/are: a)S accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

11 )□ The proposed drawing correction filed on is: a)D approved b)D disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) D The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§ 119 and 120 

13) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a)DAII b)D Some*c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2.Q Certified copies of the priority documents have been received in Application No. . 



3.D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121. 
Attachment(s) 

1) D Notice of References Cited (PTO-892) 4) O Interview Summary (PTO-413) Paper No(s). . 

2) O Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) O Notice of Informal Patent Application (PTO-152) 

3) D Information Disclosure Statement(s) (PTO-1449) Paper No(s) . 6) □ Other 
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DETAILED ACTION 



Response to Amendment 



1 . Applicant's amendments of claims 1,15, and 39 and paragraph substitution in the 
specification are acknowledged. 



2. Applicant's argument that the Linehan reference does not teach a key manifest that 
generates new security keys for the subscriber based on received key attribute data contained in 
the configured security key manifest is not persuasive because the Linehan reference discloses a 
whole system that contains a key client, key generator, key server, key database, and an 
encrypted data file memory that when taken as a system perform as a security key manifest. The 
key generator generates a new key based on information received by the key server from a client, 
and then storing the client key in the key database (Col. 4, line 61 - Col. 5, line 39). 

Applicant's argument that the Linehan reference does not teach one of at least: key size 
data, key usage, key maintenance attributes, cryptographic algorithm, subscriber identification 
data and authentication data contained in the security manifest is not persuasive because Linehan 
discloses the key server checking the client ticket (authentication information) to verify that the 
accessing user is permitted to access the data (key usage)(Col. 5, lines 9-16). 

Applicant's argument that the Linehan reference does not teach updating the security 
manifest is not persuasive because Linehan discloses that the information in the key database can 
be updated (Col. 8, lines 1-17) when a file name or any other identifying information is changed. 

Applicant's argument that the Linehan reference does not teach continuously analyzing 
the key manifest content is not persuasive because Linehan discloses monitoring the number of 
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files and the time in order to generate new keys (Col. 9, lines 1-10). Examiner asserts time 
monitoring would be continuous. 

Applicant's argument that the Peterson reference is not obvious to combine with the 
Linehan reference is not persuasive because the Peterson reference discloses a system for 
delivering web content, and the cryptographic keys and authentication information of Linehan 
can be considered web content. 

Applicant's argument that the Linehan reference does not teach the creation of a new 
public key pair in the updating step (claim 7) has been persuasive and the rejection has been 
overcome. 

Applicant's argument that the Linehan reference does not teach the digital signing of the 
key manifest (claims 9, 19, and 30) is persuasive and the rejections have been overcome. 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

4. Claims 1-3, 5, 6, 8, 10, 13-15, 18, 20, 23-25, 27-29, 31, 34-36, 38, 40, 42-44, 46, and 48 
are rejected under 35 U.S.C. 102(b) as being anticipated by Linehan, U.S. Patent No. 5,495,533. 
Referring to claims 1-3, 14, 24, 25, 36, 40, 44, and 46, Linehan discloses a personal key archive 
containing a client, server, key generator, and a personal key database which acts as a security 
key manifest in that it contains an entry for each file that is to be accessed, each of these entries 
are indexed by information that identifies the files, and each entry contains the key used to 
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encrypt the corresponding file (Col. 7, lines 39-45). In this personal key archive a client of an 
accessing user sends a ticket and data file identification data (key attribute data) to the server. 
The server checks the ticket and sends the key corresponding to the data file to the client of the 
accessing user. The client of the accessing user uses the key to decrypt the encrypted data file 
(Abstract, Col 5, lines 9-16). 

Referring to claims 5, 35, 38, and 48, Linehan discloses a client that sends a ticket and 
data file identification data to the server. The server checks the ticket and sends the key 
corresponding to the data file (key usage) to the client of the accessing user (Abstract, Col. 5, 
lines 9-16). 

Referring to claims 6,10, 20, and 31, Linehan discloses a client that, when a file is 
renamed or any identifying information is changed, sends the new and old filenames, or other 
identifying data) to the server so that the server can update the key database (manifest) (Col. 8, 
lines 1-6). 

Referring to claims 8,18, and 29, Linehan discloses a key database (manifest) capable of 
checking the files and generating new keys for any file at any time (Col. 9, lines 2-10). 

Referring to claims 13, 23, and 34, Linehan discloses using symmetric data encryption 
methods (Col. l,line 50). 

Referring to claim 15, Linehan discloses a personal key archive where a client of an 
accessing user sends a ticket and data file identification data (key attribute data) to the server. 
The server checks the ticket and sends the key corresponding to the data file (key usage) to the 
client of the accessing user. The client of the accessing user uses the key to decrypt the encrypted 
data file (Abstract, Col 5, lines 9-16). The client, when a file is renamed or any identifying 
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information is changed, sends the new and old filenames, or other identifying data, to the server 
so that the server can update the key database (manifest) (Col. 8, lines 1-6). The server can 
generate an updated file encryption key to be stored in the database (manifest) (Col. 8, lines 37- 
45). The key database is capable of checking the files and generating new keys for any file at any 
time (Col. 9, lines 2-10). 

Referring to claims 27, 28, 42, and 43, Linehan discloses a client that, when a file is 
renamed or any identifying information is changed, sends the new and old filenames, or other 
identifying data) to the server so that the server can update the key database (manifest) (Col. 8, 
lines 1-6), and the server can generate the update file encryption key to be stored in the database 
(manifest) (Col. 8, lines 37-45). 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 4, 16, 37, and 47 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Linehan, U.S. Patent No. 5,495,533, in view of Peterson, U.S. Publication No. 2001/0003828. 
Referring to claims 4, 16, 37, and 47, Linehan discloses a personal key archive containing a 
client, server, key generator, and key database (manifest) where a client of an accessing user 
sends a ticket and data file identification data (key attribute data) to the server. The server checks 
the ticket and sends the key corresponding to the data file to the client of the accessing user. The 
client of the accessing user uses the key to decrypt the encrypted data file (Abstract, Col 5, lines 
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9-16). Linehan does not disclose a method allowing the subscriber to access the data either by 
push or pull based access. Peterson discloses a distribution system capable of pull-base 
architecture, push-based architecture (Page 4, paragraph [0046]). It would have been obvious to 
one of ordinary skill in the art at the time the invention was made to use push-based and pull- 
based architectures in the person key archive of Linehan in order to support different transfer 
architectures as taught in Peterson (Page 4, paragraph [0046]). 

7. Claims 11, 12, 17, 21, 22, 26, 32, 33, 41, and 45 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Linehan, U.S. Patent No. 5,495,533, in view of Spies, U.S. Patent No. 
6,230,269. Referring to claims 11,21, and 32, Linehan discloses a personal key archive 
containing a client, server, key generator, and key database (manifest) where a client of an 
accessing user sends a ticket and data file identification data (key attribute data) to the server. 
The server checks the ticket and sends the key corresponding to the data file to the client of the 
accessing user. The client of the accessing user uses the key to decrypt the encrypted data file 
(Abstract, Col 5, lines 9-16). Linehan does not disclose the encryption key as a key pair. Spies 
discloses an authentication system where once a user is authenticated, they receive a 
public/private key pair (Abstract). It would have been obvious to one of ordinary skill in the art 
at the time the invention was made to use a public/private key pair in the personal key archive of 
Linehan in order to accommodate both point-of-access authentication and authentication between 
participants who communicate over a network as taught in Spies (Col. 1, lines 44-50). 

Referring to claims 17, 26, 41, and 45, Linehan discloses a personal key archive 
containing a client, server, key generator, and key database (manifest) where a client can, when a 
file is renamed or any identifying information is changed, send the new and old filenames of a 
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file, or other identifying data) to the server so that the server can update the key database (Col. 8, 
lines 1-6). The server can then generate an updated file encryption key to be stored in the 
database (manifest) (Col. 8, lines 37-45). Linehan does not disclose the generation of an updated 
file encryption key pair. Spies discloses an authentication system where once a user is 
authenticated, they receive a public/private key pair (Abstract). It would have been obvious to 
one of ordinary skill in the art at the time the invention was made to use a public/private key pair 
in the personal key archive of Linehan in order to accommodate both point-of-access 
authentication and authentication between participants who communicate over a network as 
taught in Spies (Col. 1, lines 44-50). 

Referring to claims 12, 22, and 33, Linehan discloses a personal key archive containing a 
client, server, key generator, and key database (manifest) wherein the server generates 
authentication data in the form of a ticket that enables the client to access file data (Col. 3, lines 
12-21). Linehan further discloses the client receiving a key corresponding to the data file upon 
validation of the ticket (Abstract, Col 5, lines 9-16). Linehan does not disclose the client 
receiving a key pair. Spies discloses an authentication system where once a user is authenticated, 
they receive a public/private key pair (Abstract). It would have been obvious to one of ordinary 
skill in the art at the time the invention was made to use a public/private key pair in the personal 
key archive of Linehan in order to accommodate both point-of-access authentication and 
authentication between participants who communicate over a network as taught in Spies (Col. 1, 
lines 44-50). 

Allowable Subject Matter 
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8. Claims 7, 9, 19, 30, and 39 are objected to as being dependent upon a rejected base claim, 
but would be allowable if rewritten in independent form including all of the limitations of the 
base claim and any intervening claims. 

9. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Conclusion 

10. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Benjamin E Lanier whose telephone number is (703)-305-7684. 
The examiner can normally be reached on M-Th from 7:30am to 5:00pm, and F from 7:30am to 
4:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron, can be reached on (703)-305-1830. The fax phone number for the 
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organization where this application or proceeding is assigned is (703)-746-7239, after final 
(703)-746-7238, or non-official/draft (703)-746-7240. 

Any inquiry of a general nature or relating to the status of this application or proceeding should 
be directed to the receptionist whose telephone number is 703-305-3900. 



GILBERT0 BARRON 
SUPERVISORY PATENT EXAMINER 

'"F.CHN0L0GY CENTER 2100 




